mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-24 21:34:08 +03:00
homectl: don't use password cache if we operate on other user
This commit is contained in:
parent
ea086f0610
commit
7bdbafc261
@ -1072,3 +1072,16 @@ int fgetsgent_sane(FILE *stream, struct sgrp **sg) {
|
||||
return !!s;
|
||||
}
|
||||
#endif
|
||||
|
||||
int is_this_me(const char *username) {
|
||||
uid_t uid;
|
||||
int r;
|
||||
|
||||
/* Checks if the specified username is our current one. Passed string might be a UID or a user name. */
|
||||
|
||||
r = get_user_creds(&username, &uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
return uid == getuid();
|
||||
}
|
||||
|
@ -109,3 +109,5 @@ int putsgent_sane(const struct sgrp *sg, FILE *stream);
|
||||
#endif
|
||||
|
||||
bool is_nologin_shell(const char *shell);
|
||||
|
||||
int is_this_me(const char *username);
|
||||
|
@ -220,6 +220,10 @@ static int acquire_existing_password(
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* If this is not our own user, then don't use the password cache */
|
||||
if (is_this_me(user_name) <= 0)
|
||||
SET_FLAG(flags, ASK_PASSWORD_ACCEPT_CACHED|ASK_PASSWORD_PUSH_CACHE, false);
|
||||
|
||||
if (asprintf(&question, emphasize_current ?
|
||||
"Please enter current password for user %s:" :
|
||||
"Please enter password for user %s:",
|
||||
@ -269,6 +273,10 @@ static int acquire_token_pin(
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* If this is not our own user, then don't use the password cache */
|
||||
if (is_this_me(user_name) <= 0)
|
||||
SET_FLAG(flags, ASK_PASSWORD_ACCEPT_CACHED|ASK_PASSWORD_PUSH_CACHE, false);
|
||||
|
||||
if (asprintf(&question, "Please enter security token PIN for user %s:", user_name) < 0)
|
||||
return log_oom();
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user